General
- Target: 2e09a299ef4aff9beca70c64de73090fe05afec0b53ec274f580ae0577b08328
- Size: 715KB
- Sample: 220613-j71yyaeger
- MD5: df93c12eeddd21a7f33ed4d8a5b3c9fa
- SHA1: 28f520d4cb0a93c3180c3c51257930c41854da93
- SHA256: 2e09a299ef4aff9beca70c64de73090fe05afec0b53ec274f580ae0577b08328
- SHA512: 6fb2128745981b91db8a857c895ca21c5f4ed58ad8dec25e87929a8914eb1d6c3634a1fcbe0ce22ac1aa089283e9faf2c8eba7787fc59f0858f6ff148764a5a2
Static task: static1
Behavioral task: behavioral1
Sample: 2e09a299ef4aff9beca70c64de73090fe05afec0b53ec274f580ae0577b08328.exe
Resource: win10-20220414-en

Malware Config
Extracted
- Family: redline
- Botnet: 76
- C2: 139.99.32.83:43199
- auth_value: 44d461325298129ed3c705440f57962c
Targets
- Target: 2e09a299ef4aff9beca70c64de73090fe05afec0b53ec274f580ae0577b08328
- Size: 715KB
- MD5: df93c12eeddd21a7f33ed4d8a5b3c9fa
- SHA1: 28f520d4cb0a93c3180c3c51257930c41854da93
- SHA256: 2e09a299ef4aff9beca70c64de73090fe05afec0b53ec274f580ae0577b08328
- SHA512: 6fb2128745981b91db8a857c895ca21c5f4ed58ad8dec25e87929a8914eb1d6c3634a1fcbe0ce22ac1aa089283e9faf2c8eba7787fc59f0858f6ff148764a5a2
- Score: 10/10

Signatures
- RedLine: RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine Payload
- Accesses cryptocurrency files/wallets, possible credential harvesting
- Suspicious use of SetThreadContext